Security Ops Center Specialist
- Bangalore, India
The SOC Specialist will be responsible for analyzing and responding to network security events escalated from SOC engineers.
- Investigate intrusion attempts and perform an in-depth analysis of exploits
- Provide network intrusion detection expertise to support timely and effective decision making on when to declare an incident
- Launch and track investigations to resolution
- Recognize attacks based on their signatures and differentiate false positives from true intrusion attempts
- Alert clients of intrusions and potential intrusions and compromises to their network infrastructure
- Onboarding of new clients and integration of new log sources with SIEM.
- Administration and management of SIEM and security devices.
- Remotely monitor and manage client network security devices.
- Actively investigate the latest security vulnerabilities, advisories, incidents, and penetration techniques and notify clients when appropriate.
- Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions
- Continuously improve their knowledge of information security as it relates to their job, and of identifying and preventing phishing attempts
- Create use cases in SIEM platform for any threat scenarios.
- Minimum of 3+ years of experience in the IT security industry, preferably working in a SOC environment
- Bachelor's in Computer Science/IT/Electronics Engineering, M.C.A. or equivalent University degree
- Certifications: CCNA, CCSP, CHFI, GCIH
- Knowledge and hands-on experience of implementation and management of IDS/IPS, Firewall, VPN, and other security products
- Experience with Security Information and Event Management (SIEM) tools, creating advanced correlation rules, administration of SIEM, system hardening, and Vulnerability Assessment
- Should have expertise on TCP/IP network traffic and event log analysis
- Knowledge and hands-on experience with SIEM tools
- Knowledge of ITIL disciplines such as Incident, Problem and Change Management
- Configuration and troubleshooting experience on Cisco ASA and Palo Alto firewalls would be an added advantage
- Strong verbal and written English communication
- Strong interpersonal and presentation skills
- Ability to work with minimal levels of supervision
- Willingness to work in a job that involves 24/7 operations
- Shift management and scheduling
- Remain vigilant while continuing to maintain and enhance the overall security of Alphaserve and the clients receiving our services.
- Maintain awareness about the potential risks based on the environment they are operating in and the clients they are working on